Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

SDLC

Jenkins

Jenkins is a free and open source automation server. It helps automate the parts of software development related to building testing and deploying facilitating continuous integration and continuous delivery. It is a server-based system that runs in servlet containers such as Apache Tomcat.

Official Site:

https://www.jenkins.io/

Severity Summary:

Critical: 19 High: 54 Medium: 154 Low: 10
Reference
Title
Severity
CVE-2016-0788
Jenkins Permissions Privileges and Access Controls Vulnerability
Critical
CVE-2024-23897
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Critical
CVE-2021-21687
Jenkins Missing Authorization Vulnerability
Critical
CVE-2021-21693
Jenkins Improper Authorization Vulnerability
Critical
CVE-2021-21694
Jenkins Missing Authorization Vulnerability
Critical
CVE-2021-21697
Jenkins Other Vulnerability
Critical
CVE-2021-21690
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Critical
CVE-2021-21691
Jenkins Improper Link Resolution Before File Access (Link Following) Vulnerability
Critical
CVE-2021-21692
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Critical
CVE-2021-21696
Jenkins Other Vulnerability
Critical
CVE-2021-21685
Jenkins Missing Authorization Vulnerability
Critical
CVE-2015-8103
Jenkins Deserialization of Untrusted Data Vulnerability
Critical
CVE-2017-1000353
Jenkins Deserialization of Untrusted Data Vulnerability
Critical
CVE-2017-1000362
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Critical
CVE-2018-1000861
Jenkins Deserialization of Untrusted Data Vulnerability
Critical
CVE-2023-27898
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Critical
CVE-2016-9299
Jenkins Improper Neutralization of Special Elements used in an LDAP Query (LDAP Injection) Vulnerability
Critical
CVE-2016-0791
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Critical
CVE-2021-21689
Jenkins Other Vulnerability
Critical
CVE-2017-1000394
Jenkins Improper Input Validation Vulnerability
High
CVE-2017-2608
Jenkins Deserialization of Untrusted Data Vulnerability
High
CVE-2021-21605
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2022-34174
Jenkins Observable Discrepancy Vulnerability
High
CVE-2018-1999002
Jenkins Improper Input Validation Vulnerability
High
CVE-2018-1999001
Jenkins Improper Input Validation Vulnerability
High
CVE-2018-1000194
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2021-28165
Jenkins Uncontrolled Resource Consumption Vulnerability
High
CVE-2022-0538
Jenkins Deserialization of Untrusted Data Vulnerability
High
CVE-2021-21686
Jenkins Improper Link Resolution Before File Access (Link Following) Vulnerability
High
CVE-2017-1000503
Jenkins Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability
High